Server-side request forgery in Ghost CMS

GHSA-q4h8-7qff-gh6c · BIT-ghost-2020-8134 · CVE-2020-8134

Published May 6, 2021 · Modified Dec 6, 2023

Description

Server-side request forgery (SSRF) vulnerability in Ghost CMS < 3.10.0 allows an attacker to scan local or external network or otherwise interact with internal systems.

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2020-8134
WEB https://hackerone.com/reports/793704

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes